From 08ab46e694f6ac927aa68be046fc8338b09f9583 Mon Sep 17 00:00:00 2001
From: David Sommerseth
Date: Wed, 24 Sep 2008 17:49:09 +0200
Subject: BUGFIX: changed argv[1] to argv[0] due to new parameter handling in eurephia.c
---
 database/sqlite/eurephiadb-sqlite.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'database/sqlite/eurephiadb-sqlite.c')
diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index 04ee569..926e94e 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -106,7 +106,7 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
 mwStatistics(3);
 #endif
- DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[1]);
+ DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, argv[0]);
 if( (argc != 1) || (argv[0] == NULL) || (strlen(argv[0]) < 1) ) {
 eurephia_log(ctx, LOG_PANIC, 0, "Wrong parameters to dblink-sqlite. Cannot open database.");
@@ -116,11 +116,11 @@ int eDBconnect(eurephiaCTX *ctx, const int argc, const char **argv)
 // Connect to the database
 dbc = (eDBconn *) malloc(sizeof(eDBconn)+2);
 memset(dbc, 1, sizeof(eDBconn)+2);
- dbc->dbname = strdup(argv[1]);
+ dbc->dbname = strdup(argv[0]);
 eurephia_log(ctx, LOG_INFO, 1, "Opening database '%s'", dbc->dbname);
- rc = sqlite3_open(argv[1], (void *) &dbc->dbhandle);
+ rc = sqlite3_open(argv[0], (void *) &dbc->dbhandle);
 if( rc ) {
 eurephia_log(ctx, LOG_FATAL, 0, "Could not open database '%s'", dbc->dbname);
 free_nullsafe(dbc->dbname);
-- cgit
From 372ef358481bab5dcb3d4b34fab07409b935d485 Mon Sep 17 00:00:00 2001
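Review bot: In eDBconnect the corrected `DEBUG` line passes `argv[0]` to `%s` before the `(argc != 1) || (argv[0] == NULL)` check that follows it, so a call with no argument or a NULL pointer reaches the format call with an invalid string. Moving the trace below the validation, or guarding the value as in `DEBUG(ctx, 10, "Function call: eDBconnect(ctx, %i, '%s')", argc, (argc > 0 && argv[0] != NULL) ? argv[0] : "(null)");`, keeps the debug path from being the first place a bad plug-in argument is dereferenced. Whether `DEBUG` expands to anything in non-debug builds is not visible here, and the function body starts and continues outside the hunk.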
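Review bot: In the second eDBconnect hunk the result of `strdup(argv[0])` is stored in `dbc->dbname` without a NULL check and is then passed to `%s` in the "Opening database" log line; the `malloc` result on the context line above is likewise handed to `memset` unchecked. A guard directly after the copy, `if( dbc->dbname == NULL ) { free(dbc); /* return the function's failure value */ }`, would stop an allocation failure from turning into a NULL dereference during database connect. The error path after `sqlite3_open` continues outside the hunk; SQLite's documentation says the handle should be passed to `sqlite3_close` even when the open fails, so it is worth confirming that the path does so before `dbc` is released.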
From: David Sommerseth
Date: Fri, 26 Sep 2008 07:09:26 +0200
Subject: BUGFIX: Made sure that eDBget_sessionkey_seed(...) only returns a sessionkey for sessions which is in open status (sessionstatus is 1 or 2). When a client does a disconnect for session_A, the status of the session is 3, as logged out but not yet deleted. In this status, the session is not deleted, nor is the record in openvpn_sessionkeys for that sessions's sessionseed. If the client then does a new reconnection (session_B) before the session is deleted, it will get the sessionkey for the session which was just logged out, session_A's sessionkey. When OpenVPN then calls the learn_address function to delete the session_A, that session will be closed. This results in that session_B will then do not match any open sessions at all, since session_A and session_B shared the sessionseed to a sessionkey. By changing the eDBget_sessionkey_seed(...) to check that the sessionstatus is 1 or 2 (open session statuses), it should generate a new sessionkey for the session_B, since no sessionkey would be returned for that sessionseed. The destruction of the session (done via eurephia_learn_address(...)) will still work, since this function uses the MAC address of the client and not the sessionseed.
---
 database/sqlite/eurephiadb-sqlite.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'database/sqlite/eurephiadb-sqlite.c')
diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index 926e94e..9c24c07 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -615,7 +615,12 @@ char *eDBget_sessionkey_seed(eurephiaCTX *ctx, const char *sessionseed) {
 "eDBget_sessionkey: No session seed given - cannot locate sessionkey");
 return NULL;
 }
- res = sqlite_query(ctx, "SELECT sessionkey FROM openvpn_sessionkeys WHERE sessionseed = '%q'",
+ res = sqlite_query(ctx,
+ "SELECT sessionkey "
+ " FROM openvpn_sessionkeys "
+ " JOIN openvpn_lastlog USING (sessionkey)"
+ " WHERE sessionstatus IN (1,2)"
+ " AND sessionseed = '%q'",
 sessionseed);
 if( res == NULL ) {
 eurephia_log(ctx, LOG_CRITICAL, 0,"Could not retrieve sessionkey from openvpn_sessionkeys (%s)",
-- cgit
From 4d75e5c5f8c00a11acf757c1783b3da7d583ae05 Mon Sep 17 00:00:00 2001
From: David Sommerseth
Date: Fri, 26 Sep 2008 07:30:12 +0200
Subject: BUGFIX: Follow up on the commit fc8a177bc86fc7e68b15045ba7a791e2504f4b5c Make sure that eDBget_sessionkey_macaddr(...) only returns sessionkeys for sessions ready to be destroyed, ie. sessionstatus must be 3.
---
 database/sqlite/eurephiadb-sqlite.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'database/sqlite/eurephiadb-sqlite.c')
diff --git a/database/sqlite/eurephiadb-sqlite.c b/database/sqlite/eurephiadb-sqlite.c
index 9c24c07..4fc7c5d 100644
--- a/database/sqlite/eurephiadb-sqlite.c
+++ b/database/sqlite/eurephiadb-sqlite.c
@@ -644,7 +644,10 @@ char *eDBget_sessionkey_macaddr(eurephiaCTX *ctx, const char *macaddr) {
 res = sqlite_query(ctx,
 "SELECT sessionkey "
 " FROM openvpn_sessions "
- " WHERE datakey = 'macaddr' AND dataval = '%q'", macaddr);
+ " JOIN openvpn_lastlog USING (sessionkey)"
+ " WHERE sessionstatus = 3 "
+ " AND datakey = 'macaddr' "
+ " AND dataval = '%q'", macaddr);
 if( res == NULL ) {
 eurephia_log(ctx, LOG_CRITICAL, 0, "Could not remove session from database (MAC addr: %s)", macaddr);
-- cgit
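Review bot: The status values in `" WHERE sessionstatus IN (1,2)"` in eDBget_sessionkey_seed are bare numbers inside the SQL string, and the same holds for `sessionstatus = 3` in the eDBget_sessionkey_macaddr hunk of the follow-up commit; their meaning is recorded only in the commit message. A comment above the query such as `// sessionstatus 1 and 2 are open sessions, 3 is logged out but not yet deleted; a logged-out session must not hand its key to a reconnect` would keep the key-reuse rule next to the code that enforces it. Because the logged-out row stays in openvpn_sessionkeys, the caller will presumably register a second row for the same sessionseed once a new key is generated, so it is worth confirming that the table allows this and that no other lookup by seed runs without the status filter. The function body starts and ends outside the hunk.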
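Review bot: The joined query in eDBget_sessionkey_macaddr has no `ORDER BY` or `LIMIT`, so when one MAC address has several status-3 sessions still waiting for deletion the row returned first is unspecified; how many rows the code after the hunk consumes is not visible. If only one key is used, appending a fragment like `" ORDER BY <openvpn_lastlog timestamp column> LIMIT 1"` (column name to be taken from the schema) would make the choice deterministic. It is also worth confirming that the delete path is never reached while a session is still in status 1 or 2, because with `sessionstatus = 3` such a session now returns no key and would presumably stay open.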